CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0261 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0261
18 Jan 2022 — Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un Desbordamiento de Búfer en la región Heap de la memoria en el repositorio GitHub vim/vim versiones anteriores a 8.2 A heap based out-of-bounds write flaw was found in vim's ops.c. This flaw allows an attacker to trick a user to open a crafted file triggering an out-of-bounds write. This vulnerability is capable of crashing software, modify memory, and possible code execution. Red Hat Advanced Cluster Management for Kubernetes 2.4.3 ima... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 1CVE-2022-0128 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2022-0128
06 Jan 2022 — vim is vulnerable to Out-of-bounds Read vim es vulnerable a una Lectura Fuera de Límites. It was discovered that Vim contained an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim did not properly manage memory when freeing allocated memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 1CVE-2021-4192 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2021-4192
31 Dec 2021 — vim is vulnerable to Use After Free vim es vulnerable a un Uso de Memoria Previamente Liberada. It was found that vim was vulnerable to use-after-free flaw in win_linetabsize(). Sourcing a specially crafted file in vim could crash the vim process or possibly lead to other undefined behaviors. Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that... • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 1CVE-2021-4193 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2021-4193
31 Dec 2021 — vim is vulnerable to Out-of-bounds Read vim es vulnerable a una Lectura Fuera de Límites. It was found that vim was vulnerable to an out-of-bound read flaw in getvcol(). A specially crafted file could be used to, when opened in vim, disclose some of the process's internal memory. Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use ... • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1CVE-2021-4187 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2021-4187
29 Dec 2021 — vim is vulnerable to Use After Free vim es vulnerable a un Uso de Memoria Previamente Liberada macOS Monterey 12.3 addresses buffer overflow, bypass, code execution, denial of service, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1CVE-2021-4173 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2021-4173
27 Dec 2021 — vim is vulnerable to Use After Free vim es vulnerable a un Uso de Memoria previamente Liberada macOS Monterey 12.3 addresses buffer overflow, bypass, code execution, denial of service, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 26EXPL: 1CVE-2021-4166 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2021-4166
25 Dec 2021 — vim is vulnerable to Out-of-bounds Read vim es vulnerable a una Lectura Fuera de Límites It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. It was discovered that Vim was using freed memory when dealing with regular expressions inside a visual selection. If a user were tricked into opening a specially crafted file, an attacker could crash the... • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2020-3886
https://notcve.org/view.php?id=CVE-2020-3886
23 Dec 2021 — A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema se ha corregido en macOS Catalina versión 10.15.4, Actualización de seguridad 2020-002 Mojave, Actualización de segurid... • https://support.apple.com/en-us/HT211100 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2020-3896
https://notcve.org/view.php?id=CVE-2020-3896
23 Dec 2021 — This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. A malicious application may be able to overwrite arbitrary files. Este problema se abordó al eliminar el código vulnerable. Este problema se ha corregido en macOS Catalina versión 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. • https://support.apple.com/en-us/HT211100 •
CVSS: 5.5EPSS: 0%CPEs: 23EXPL: 0CVE-2019-8702
https://notcve.org/view.php?id=CVE-2019-8702
23 Dec 2021 — This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier. Este problema se abordó con una nueva asignación de derechos. Este problema es corregido en macOS Mojave versión 10.14.6, actualización de seguridad 2019-004 High Sierra, actualización de seguridad 2019-004 Sierra, iOS versión 12.4, tvOS versión 12.4. • https://support.apple.com/en-us/HT210346 • CWE-668: Exposure of Resource to Wrong Sphere •